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DETAILED ACTION 
Priority 

1. Receipt is acknowledged of papers submitted under 35 U.S.C. 119(a)-(d), which 
papers have been placed of record in the file. 

Response to Arguments 

2. Applicant's arguments with respect to claims 1-9 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Fan 
in view of Abadi. 

Regarding claim 1, authentication means for authenticating the device on said 
global network is disclosed in column 4, lines 50-52 of Fan. Creating means for 
creating an access permission entry in response to an access request from the device 
authenticated by said authentication means, and adding said access permission entry to 
an access permission list is disclosed in column 3, lines 46-49. Control means which, 
upon receiving a data packet sent from the device on said global network, determines 
whether or not said data packet should be transferred to said local access permission 
entry network based on information extracted from the header of said data packet and 
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on the access permission entry contained in said access permission list is disclosed in 
column 3 } lines 53-56. That the authentication is done in response to a service access 
request message is missing from Fan. However, Abadi discloses in column 4, lines 61- 
67 a device that requests authentication on a network, and receives authentication in 
response to the request. It would have been obvious to one skilled in the art at the time 
of the invention to include authentication requests in the system of Fan. The motivation 
would be to allow a user to initiate the process of seeking to authenticate themselves 
(see Abadi, column 4, lines 61-63). 

Regarding claim 2, said access permission entry creating means extracts access 
information from an access request packet transmitted from the authenticated device, 
thereby creating an access permission entry containing a source IP address, a 
destination IP address, a source port number, a destination port number and a last 
access permission time is disclosed in column 3, lines 46-49; column 1, lines 43-46; and 
column 12, lines 14-17 (last permission time). 

Regarding claim 3, said control means extracts a source IP address, a 
destination IP address, a source port number and a destination port number from the 
header of the data packet transmitted from the device on said global network, compares 
these extracted items of information with the information about the access permission 
entry contained in said access permission list and transfers said data packet to said 
local network if the two pieces of information correspond in all of the source IP address, 
destination IP address, source port number and destination port number is disclosed in 
column 1, lines 43-46, and column 3, lines 12-13 and 53-56. 
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Regarding claim 4, said control means eliminates the access permission entry 
corresponding to a relevant access from said access permission list in accordance with 
an access termination notification from the device on said global network is disclosed in 
column 10, lines 13-22. 

Regarding claim 5, said control means calculates the length of time which 
elapsed from the last access based on a last access permission time stored in the 
access permission entry which corresponds to the time at which the data packet was 
received from the device on said global network, and eliminates the access permission 
entry from said access permission list when the elapsed time exceeds a predetermined 
reference time is disclosed in figure 7 and column 12, lines 10-25. 

Regarding claim 6, storage means for storing said access permission list is 
disclosed at column 3, lines 53-56. 

Regarding claim 7, authenticating the device on said global network is disclosed 
in column 4, lines 50-52 of Fan. Creating an access permission entry in response to an 
access request from the authenticated device and adding the access permission entry 
to an access permission list is disclosed in column 3, lines 46-49. Determining, upon 
receiving a data packet from a device on said global network, whether or not said data 
packet should be transferred to said local network based on information extracted from 
the header of said data packet and on the access permission entry contained in said 
access permission list is disclosed in column 3, lines 53-56. That the authentication is 
done in response to a service access request message is missing from Fan. However, 
Abadi discloses in column 4, lines 61-67 a device that requests authentication on a 
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network, and receives authentication in response to the request. It would have been 
obvious to one skilled in the art at the time of the invention to include authentication 
requests in the system of Fan. The motivation would be to allow a user to initiate the 
process of seeking to authenticate themselves (see Abadi, column 4, lines 61-63). 

Regarding claim 8, in the step of creating the access permission entry, access 
information is extracted from an access request packet transmitted from the 
authenticated device, so that an access permission entry can be created which contains 
a source IP address, a destination IP address, a source port number, an access 
destination port number and a last permission time is disclosed in column 3, lines 46-49; 
column 1, lines 43-46; and column 12, lines 14-17 (last permission time). 

Regarding claim 9, a source IP address, a source port number, a destination IP 
address and a destination port number are extracted from the header of the data packet 
transmitted from the device on said global network, and the extracted items of 
information are compared with information about the access permission entry contained 
in said access permission list, whereby said data packet is transferred to said local 
network if the two pieces of information correspond in all of the source IP address, 
destination IP address, source port number and destination port number is disclosed in 
column 1 , lines 43-46, and column 3, lines 1 2-1 3 and 53-56. 

Conclusion 

4. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
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§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 . 1 36(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Cynthia L Davis whose telephone number is (571 ) 272- 
31 1 7. The examiner can normally be reached on 8:30 to 6, Monday to Thursday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Huy Vu can be reached on (571 ) 272-31 55. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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